Classification

Description

Several remote vulnerabilities have been discovered in the Iceweasel
web browser, an unbranded version of the Firefox browser. The Common
Vulnerabilities and Exposures project identifies the following
problems :

– CVE-2008-2785
It was discovered that missing boundary checks on a
reference counter for CSS objects can lead to the
execution of arbitrary code.

– CVE-2008-2933
Billy Rios discovered that passing an URL containing a
pipe symbol to Iceweasel can lead to Chrome privilege
escalation.